WIP: integrate getting bitgo gpg key

Author: mohammadalfaiyazbitgo

src/__tests__/masterBitgoExpress/.wip.md

@@ -1,16 +1,20 @@
 # Notes
 
 ## Work Items
+
 - [x] Get example logs
 - [x] Create api specs for use
-    - [x] Actual Master Spec
-    - [x] Standup Enclaved Spec
-    - [x] Create empty handlers
-- [ ] Modify to directly call BitGo (instaead of using the methods)
+  - [x] Actual Master Spec
+  - [x] Standup Enclaved Spec
+  - [x] Create empty handlers
+- [x] Modify to directly call BitGo (instaead of using the methods)
+- [ ] Fill out implementation for finalize
+  - [ ] mock out the encrypted data being sent back & forth
 - [ ] Create integration tests with fake values from below
-- [ ] pass in BitGo GPG Key to enclaved
+- [x] pass in BitGo GPG Key to enclaved
 
 ## Example Logs from Creating a Solana Keychain
+
 ```json
 Starting keychain creation process...
 Step 1: Initializing MPC...
@@ -296,4 +300,4 @@ Final keychain triplet: {
     "walletHSMGPGPublicKeySigs": "-----BEGIN PGP PUBLIC KEY BLOCK-----\n\nxk8EaFRmgBMFK4EEAAoCAwTGXYL4mPPKg3u1KkPeXR9lOqqem/i3kgdgQE9P\nIZlvNdZyVcoAyrTos0Negm39jQPzssKbjNYbwmD6oBliJIWDzVUxYzU3NDY3\nNmUwNWM3Zjc0Zjg4YmM5YmEgPHVzZXItMWM1NzQ2NzZlMDVjN2Y3NGY4OGJj\nOWJhQDFjNTc0Njc2ZTA1YzdmNzRmODhiYzliYS5jb20+wowEEBMIAD4FgmhU\nZoAECwkHCAmQ6ylVI/YkWEQDFQgKBBYAAgECGQECmwMCHgEWIQRS2wpzMoJX\nVNidgnnrKVUj9iRYRAAA0kkA/R78hy0CNnUPCMMi2Co6VlYALrx+xFydb0+7\n8Yza5IF2AP93Xc9FKo8OPO5pg5uPnC6fXvsJqVne289iETTtsihaaMLCCQQT\nEwgCewWCaFRmhgILCQmQiTUbCAxrp3uXFIAAAAAADgCAY29tbW9uS2V5Y2hh\naW40ZTUzNGEwMTkzYzY2MzZhMDcyNzA3OWUyNTYwMWFiZDZjMjg1M2Q2MzU4\nMjE2MmJjNTNhZTY5YjE1MmYwZWMyYzJlMDk2NTgzZGE4ZTdmZmQzNmRmZjYx\nMzFhMTcwMjA3MjdmOTU0MzAwMTUyNWMxNzJjMWU3NzI5MDAzNTlkMz0UgAAA\nAAAMACh1c2VyR3BnS2V5SWQ1MmRiMGE3MzMyODI1NzU0ZDg5ZDgyNzllYjI5\nNTUyM2Y2MjQ1ODQ0PxSAAAAAAA4AKGJhY2t1cEdwZ0tleUlkODk0OTEwZjQx\nNzAzZTZjMmI2YWE4ODQ0YWNkNzJkMDRkOTlhMDFjMJUUgAAAAAAMAIB1c2Vy\nU2hhcmVQdWI3MWM5ZTUwZWQwYTM2ZDJhNjNiODQyMmIxYWJjZGNkYjdlMDA2\nYTNhYzYxZTM0ZmUyNGU5YmYwMjY1YzU4ZDkwNGRhYzZmNjkzZGRlZGY1NzU0\nZjIwOWRlNDI5YjliODViODc4ZTA5MjllYzg2NjAxN2Y4ZGExYjE3ZTE2OTZj\nM5cUgAAAAAAOAIBiYWNrdXBTaGFyZVB1YjI5NWRjZDIwMTQ3Yzk4ZjJmODUx\nZjU1MmYxODk0NmM5NDkyN2ZlMzFlNjE4NjM2Mzg1Y2MyMzVhMzk1OWIwOWQ0\nZGFjNmY2OTNkZGVkZjU3NTRmMjA5ZGU0MjliOWI4NWI4NzhlMDkyOWVjODY2\nMDE3ZjhkYTFiMTdlMTY5NmMzAhUIAhYAA5sCAQIeARYhBHRL5D/8nRM3opQn\nXok1GwgMa6d7AAD7mAEA2N9MScMErOBVXAJ03lvxpz+7PgbScvL7RO1OiQRz\nxeMA+wUgxou9ZJpBUuenj/z/29vcboGUI+FcnD/g8ZWCHG/fzlMEaFRmgBIF\nK4EEAAoCAwT30/I8Lw7K+MxvkYwsi9TdQ5ry8McPDgQnEST2+M/UzzD1TPwG\nVFvLXBgVKFxNiuXyWoGa870qzAddIu/DLDVAAwEIB8J4BBgTCAAqBYJoVGaA\nCZDrKVUj9iRYRAKbDBYhBFLbCnMygldU2J2CeespVSP2JFhEAABLGwD9FsE/\nks9t9wBrLyiyKlVZ/+hPPDb+0rMRHQrcV8ACwiYA/RzZ576prROfme957NGj\n5fGAijHDaBPyNinLMnD4EoEFxk8EaFRmgBMFK4EEAAoCAwQbnZsAMbrZ6Lnl\nMT8ZjmCyq4Au+KDEMH9dndk5qVpZIgvHzMwZYusZtija5M/erWbg0Iutv1R1\nolMd9htHSScOzVViMmZlNTRlZTI1YzIyOWM0MzJiNzU2MWYgPHVzZXItYjJm\nZTU0ZWUyNWMyMjljNDMyYjc1NjFmQGIyZmU1NGVlMjVjMjI5YzQzMmI3NTYx\nZi5jb20+wowEEBMIAD4FgmhUZoAECwkHCAmQrNctBNmaAcADFQgKBBYAAgEC\nGQECmwMCHgEWIQSJSRD0FwPmwraqiESs1y0E2ZoBwAAAqJkBAIhIhHS8i71t\nbe43TKYThRaOzeo73afL31UEbK12huloAQCrjr5GEz+4L84Nl8TcWt5yAI8U\nF1hi+O5rdP35UL6xKcLCCQQTEwgCewWCaFRmhwILCQmQiTUbCAxrp3uXFIAA\nAAAADgCAY29tbW9uS2V5Y2hhaW40ZTUzNGEwMTkzYzY2MzZhMDcyNzA3OWUy\nNTYwMWFiZDZjMjg1M2Q2MzU4MjE2MmJjNTNhZTY5YjE1MmYwZWMyYzJlMDk2\nNTgzZGE4ZTdmZmQzNmRmZjYxMzFhMTcwMjA3MjdmOTU0MzAwMTUyNWMxNzJj\nMWU3NzI5MDAzNTlkMz0UgAAAAAAMACh1c2VyR3BnS2V5SWQ1MmRiMGE3MzMy\nODI1NzU0ZDg5ZDgyNzllYjI5NTUyM2Y2MjQ1ODQ0PxSAAAAAAA4AKGJhY2t1\ncEdwZ0tleUlkODk0OTEwZjQxNzAzZTZjMmI2YWE4ODQ0YWNkNzJkMDRkOTlh\nMDFjMJUUgAAAAAAMAIB1c2VyU2hhcmVQdWI3MWM5ZTUwZWQwYTM2ZDJhNjNi\nODQyMmIxYWJjZGNkYjdlMDA2YTNhYzYxZTM0ZmUyNGU5YmYwMjY1YzU4ZDkw\nNGRhYzZmNjkzZGRlZGY1NzU0ZjIwOWRlNDI5YjliODViODc4ZTA5MjllYzg2\nNjAxN2Y4ZGExYjE3ZTE2OTZjM5cUgAAAAAAOAIBiYWNrdXBTaGFyZVB1YjI5\nNWRjZDIwMTQ3Yzk4ZjJmODUxZjU1MmYxODk0NmM5NDkyN2ZlMzFlNjE4NjM2\nMzg1Y2MyMzVhMzk1OWIwOWQ0ZGFjNmY2OTNkZGVkZjU3NTRmMjA5ZGU0Mjli\nOWI4NWI4NzhlMDkyOWVjODY2MDE3ZjhkYTFiMTdlMTY5NmMzAhUIAhYAA5sC\nAQIeARYhBHRL5D/8nRM3opQnXok1GwgMa6d7AAA1qQD/VhEk0qEulSG72bf7\nH5TOCL6dnYbxmWswr4on7z3zXoEA/iW1qjJ73pqhjDtajEWgN6xUn2tV9Gpg\nThEYxANgKbB9zlMEaFRmgBIFK4EEAAoCAwT4Gb8wWXh8/sLEmxqedVVxnUz5\nsvxfyRyXfTBdouSKq+BmkS6etrjajhHBpBxCKuy89f352LQ/YWgVcf+fX6zX\nAwEIB8J4BBgTCAAqBYJoVGaACZCs1y0E2ZoBwAKbDBYhBIlJEPQXA+bCtqqI\nRKzXLQTZmgHAAABdagEAj3HDYn2bPI8amcWIhv+rEdHNJtew1jI+/FRTXmtI\nqJoA/27LrU0kGze9NPzN/fc+QCCjEVmwQMvACwPI55wf8KKX\n=c8yX\n-----END PGP PUBLIC KEY BLOCK-----\n"
   }
 }
-```
+```

src/__tests__/masterBitgoExpress/generateWallet.test.ts

@@ -138,9 +138,23 @@ describe('POST /api/:coin/wallet/generate', () => {
   });
 
   it('should generate a TSS wallet by calling the enclaved express service', async () => {
+    const constantsNock = nock(bitgoApiUrl)
+      .get('/api/v1/client/constants')
+      // Not sure why the nock is not matching any headers, but this works
+      .matchHeader('accept-encoding', 'gzip, deflate')
+      .matchHeader('bitgo-sdk-version', '48.0.0')
+      .reply(200, {
+        constants: {
+          mpc: {
+            bitgoPublicKey: 'test-bitgo-public-key',
+          },
+        },
+      });
+
     const userInitNock = nock(enclavedExpressUrl)
       .post(`/api/${eddsaCoin}/mpc/initialize`, {
         source: 'user',
+        bitgoGpgKey: 'test-bitgo-public-key',
       })
       .reply(200, {
         encryptedDataKey: 'key',
@@ -163,6 +177,7 @@ describe('POST /api/:coin/wallet/generate', () => {
     const backupInitNock = nock(enclavedExpressUrl)
       .post(`/api/${eddsaCoin}/mpc/initialize`, {
         source: 'backup',
+        bitgoGpgKey: 'test-bitgo-public-key',
       })
       .reply(200, {
         encryptedDataKey: 'key',
@@ -261,6 +276,7 @@ describe('POST /api/:coin/wallet/generate', () => {
     // );
 
     // Verify all nock mocks were called
+    constantsNock.done();
     userInitNock.done();
     backupInitNock.done();
     bitgoAddKeychainNock.done();

src/enclavedBitgoExpress/routers/enclavedApiSpec.ts

@@ -50,6 +50,7 @@ const BitgoPayloadType = t.union([
 
 export const InitEddsaKeyGenerationRequest = {
   source: t.union([t.literal('user'), t.literal('backup')]),
+  bitgoGpgKey: t.string,
 };
 
 export const InitEddsaKeyGenerationResponse = t.type({

src/masterBitgoExpress/enclavedExpressClient.ts

@@ -14,10 +14,10 @@ import { InitEddsaKeyGenerationResponse } from '../enclavedBitgoExpress/routers/
 
 const debugLogger = debug('bitgo:express:enclavedExpressClient');
 
-interface InitMpcKeyGenerationParams {
+export type InitMpcKeyGenerationParams = {
   source: 'user' | 'backup';
-  coin?: string;
-}
+  bitgoGpgKey: string;
+};
 
 interface FinalizeMpcKeyGenerationParams {
   source: 'user' | 'backup';
@@ -268,6 +268,7 @@ export class EnclavedExpressClient {
       let request = this.apiClient['v1.key.mpc.init'].post({
         coin: this.coin,
         source: params.source,
+        bitgoGpgKey: params.bitgoGpgKey,
       });
 
       if (this.tlsMode === TlsMode.MTLS) {

src/masterBitgoExpress/generateWallet.ts

@@ -154,15 +154,20 @@ export async function handleGenerateOnPremMpcWallet(
     walletParams.enterprise = enterprise;
   }
 
+  const constants = await bitgo.fetchConstants();
+  if (!constants.mpc || !constants.mpc.bitgoPublicKey) {
+    throw new Error('Unable to create MPC keys - bitgoPublicKey is missing from constants');
+  }
+
   // Initialize key generation for user and backup
   const userInitResponse = await enclavedExpressClient.initMpcKeyGeneration({
     source: 'user',
-    coin: req.params.coin,
+    bitgoGpgKey: constants.mpc.bitgoPublicKey,
   });
 
   const backupInitResponse = await enclavedExpressClient.initMpcKeyGeneration({
     source: 'backup',
-    coin: req.params.coin,
+    bitgoGpgKey: constants.mpc.bitgoPublicKey,
   });
 
   // Extract GPG keys based on payload type